Lucene search

PRIOn knowledge basePRION:CVE-2008-4937

HistoryNov 05, 2008 - 3:00 p.m.

Arbitrary file deletion

2008-11-0515:00:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

8.3%

JSON

senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/log.obr.##### temporary file.

CPENameOperatorVersion
openoffice.orgeq2.4.1

CPE	Name	Operator	Version
	openoffice.org	eq	2.4.1

References

bugs.debian.org/496361

dev.gentoo.org/~rbu/security/debiantemp/openoffice.org-common

secunia.com/advisories/32856

secunia.com/advisories/33140

security.gentoo.org/glsa/glsa-200812-13.xml

uvw.ru/report.lenny.txt

www.mandriva.com/security/advisories?name=MDVSA-2009:070

www.openwall.com/lists/oss-security/2008/10/30/2

www.securityfocus.com/bid/30925

www.ubuntu.com/usn/usn-677-1

www.ubuntu.com/usn/usn-677-2

bugs.gentoo.org/235824

bugs.gentoo.org/show_bug.cgi?id=235770

exchange.xforce.ibmcloud.com/vulnerabilities/44829

6.2 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

8.3%

JSON

Related for PRION:CVE-2008-4937